Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to add a CentOS to an existent pfSense openvpn configuration

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      agrozdanov
      last edited by

      Good evening,

      I wasn't able to find a related post even though I thought it is very common case.
      I apologize if I skipped some and I am repeating an issue.

      I have an existent openvpn- server configuration which is working fine up to now with my windows 8.1 desktop and iphone clients (actually after the last pfSense- update the openvpn- clients I have generated are not able to be installed anymore on Windows - it is giving a weird error, but I guess I will ask for this issue another time).

      I would like to connect my centos server as a client to my openvpn- server.

      Can you, please help out?

      Thank you and Best Regards,

      Asen

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Use the export package and export an inline configuration using the "Others" button and that should work fine being passed to openvpn directly at a command line.

        I'm not sure what, if anything, CentOS does special for OpenVPN so if you want to do that in a way which integrates better with CentOS you may have to manually enter configuration parameters somewhere inside CentOS.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • W
          whosmatt
          last edited by

          It's been a while since I've done this, but I think this applies to CentOS 6 and probably 7 as well.

          First, download the inline config from the pfSense client export package.

          1.        Install openvpn from the repos.

          2.      Copy the downloaded file to /etc/openvpn

          3.      Change the .ovpn extension to .conf

          4.      Set permissions to 0400 and verify ownership is root:root

          5.      Set the openvpn service to start at boot (chkconfig openvpn on)

          6.      Start openvpn.

          7.      Verify connectivity with iperf by looking for the tun0 adapter with IP address assigned by the OpenVPN server.

          These were instructions I supplied for an environment where we are using pfSense as an OpenVPN server with CentOS 6 and RHEL6 servers as clients.  The permissions settings aren't strictly necessary, but it's to prevent any non-root users from nabbing the certificates / keys contained in the config file.

          1 Reply Last reply Reply Quote 0
          • A
            agrozdanov
            last edited by

            Thank you very much whosmatt!

            Procedure:

            sudo yum install epel-release
            sudo yum install openvpn easy-rsa -y
            Create from Inline Configuration -> Others
            sudo cp file.ovpn /etc/openvpn/file.conf
            sudo openvpn –config /etc/openvpn/file.conf

            It is working perfectly now.

            Best Regards,

            agrozdanov

            1 Reply Last reply Reply Quote 0
            • W
              whosmatt
              last edited by

              For what it's worth, if you start openvpn with the included init script ('service openvpn start') it will automatically connect to any client configuration with a .conf extension in /etc/openvpn.  Otherwise you can just specify any config file on the command line, as you did.  No need to rename the file or place in /etc/openvpn in the latter case.

              1 Reply Last reply Reply Quote 0
              • A
                agrozdanov
                last edited by

                Hi whosmatt,
                Thank you very much for the help!
                Actually the CentOS server is one of my openvpn- clients since  it is behind firewall I have no control on.
                I have used  sudo systemctl enable openvpn@pfSense-TCP… and it is working perfect. I am using TCP since it is thru ssh- tunnel.
                I rebooted it several times and it is starting automatically after the start of my kvm. I am actually thinking to change the kvm with oVirt. Do you have any experience with it?
                Best Regards,
                agrozdanov

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.